aintaining the security of a vast system of information technology resources can be daunting. Fortunately, an assortment of tools are now available to help security administrators. Often several functions are bundled into one package.
Security management tools can help agencies with networks of networks to centrally manage user sign-ons. "Computer access controls are constantly in flux," notes David Bernstein, editor of Infosecurity News in Framingham, Mass. Computer users "leave, get different responsibilities, move to different departments . . . new applications come on to the system," he says.
Software to automate portions of that task is available from companies such as Computer Associates International Inc., IBM Corp., AXENT Technologies Inc., Mergent International and Information Resource Engineering Inc.
Detection or monitoring software spots security breaches in progress. "They tell what is happening in the flow of traffic over the network or what activities people are performing on various applications," says Power of the Computer Security Institute. If it finds something unusual, it can alert a systems administrator or disable that user's account. Detection software can help address the threat of insiders doing unauthorized things.
Trident Data Systems plans to make commercially available a detection tool the company originally developed for the Air Force. Other companies offering such tools include Haystack Labs Inc., AXENT Technologies Inc. and Internet Security Systems. Keane Federal Systems Inc. is testing patented software that takes the offensive after a breach to determine where on the Internet the threat originated.
Auditing tools focus on the system's configuration; they check the system for vulnerabilities and provide reports. Security administrators can run tests with the same types of tools that hackers might use to penetrate the system's defenses. The tools can check for easy-to-guess passwords, for example. SATAN (Security Administrator's Tool for Analyzing Networks) is one type of software that is publicly available at no charge on the Internet, while commercial versions are available from companies such as Internet Security Systems.